Solved

Exchange Server 2010 and Forefront w/ EDGE

Posted on 2010-08-27
3
542 Views
Last Modified: 2012-05-10
We will be migrating from SBS2k3 R2 to a separate Exchange 2010 server, plus separate domain controller running WINDOWS SERVER 2008 R2 and adding FOREFRONT on another server. Do we need to run EDGE to make all of this happen?
If so, would I just need to purchase another EXCHANGE license to run the EDGE SERVER. Also, were would I run the EDGE SERVER(what box).

Any links to info on this would also be helpful.

Thanks for the input...
0
Comment
Question by:markwel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 250 total points
ID: 33542635
No - deploying the edge service on a separate box is optional. However, it IS required if you want FTMG to use its ability to control the email policy as seen within the FTMG gui.
0
 
LVL 2

Expert Comment

by:panman3
ID: 33557295
You could install a separate EDGE server in your DMZ. With Forefront security for Exchange on the EDGE, your mails are scanned in the DMZ before they reach the app-server(s) were the Exchange database resides => so you have an extra layer of protection.

If you happen to already have a Forefront TMG server in place then the Forefront scanner is already integrated into it. You just need the appropriate license to activate it on the TMG server; your mails are then scanned on the firewall itself before they go to DMZ or to internal LAN.

It is certainly neacessary to have additional licenses for each server running an Exchange role. The cost is therefore higher if you separate roles, but the performance, availability and security are increased.

Regards,
Geert
0
 

Author Closing Comment

by:markwel
ID: 33834259
Best Answer
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
In-place Upgrading Dirsync to Azure AD Connect
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question